﻿@using Ebusiness_Authservice.Services.Dtos
@model AuthorizeViewModel

@{
    ViewData["Title"] = "授权同意";
}

<div class="container mt-5">
    <div class="row justify-content-center">
        <div class="col-md-6">
            <div class="card">
                <div class="card-header">
                    <h4>授权请求</h4>
                </div>
                <div class="card-body">
                    <p><strong>应用名称：</strong>@Model.ClientName</p>
                    <p><strong>应用ID：</strong>@Model.ClientId</p>

                    <h5>请求的权限：</h5>
                    <ul>
                        @foreach (var scope in Model.Scopes)
                        {
                            <li>@GetScopeDisplayName(scope)</li>
                        }
                    </ul>

                    <!-- 同意授权表单 -->
                    <form method="post" action="@Url.Action("AuthorizePost", "Connect")" enctype="application/x-www-form-urlencoded">
                        <input type="hidden" name="action" value="allow" />
                        <input type="hidden" name="client_id" value="@Model.ClientId" />
                        <input type="hidden" name="redirect_uri" value="@Model.RedirectUri" />
                        <input type="hidden" name="response_type" value="code" />
                        <input type="hidden" name="scope" value="@Model.Scope" />
                        <input type="hidden" name="state" value="@Model.State" />
                        @* <input type="hidden" name="authRequestKey" value="@Model.AuthRequestKey" /> *@

                        <div class="d-grid gap-2">
                            <button type="submit" class="btn btn-success">
                                同意授权
                            </button>
                        </div>
                    </form>

                    <!-- 拒绝授权表单 -->
                    <form method="post" action="@Url.Action("AuthorizePost", "Connect")" enctype="application/x-www-form-urlencoded" style="margin-top: 10px;">
                        <input type="hidden" name="action" value="deny" />
                        <input type="hidden" name="client_id" value="@Model.ClientId" />
                        <input type="hidden" name="redirect_uri" value="@Model.RedirectUri" />
                        <input type="hidden" name="response_type" value="code" />
                        <input type="hidden" name="scope" value="@Model.Scope" />
                        <input type="hidden" name="state" value="@Model.State" />
                        @* <input type="hidden" name="authRequestKey" value="@Model.AuthRequestKey" /> *@

                        <div class="d-grid">
                            <button type="submit" class="btn btn-danger">
                                拒绝授权
                            </button>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>

@functions {
    private string GetScopeDisplayName(string scope)
    {
        return scope switch
        {
            "api1" => "API访问权限",
            "offline_access" => "离线访问",
            "email" => "邮箱地址",
            "profile" => "个人信息",
            "roles" => "用户角色",
            _ => scope
        };
    }
}